Migrate to manifestv2 and other changes:

* Move app install dir from /opt to /var/www * Revamp the way binaries are downloaded thanks to manifestv2 (no need to check for arch, etc) * Remove custom helpers (exec_as, ynh_handle_app_migration) * Rename LFS_KEY as LFS_JWT_SECRET and KEY as SECRET_KEY as named in app.ini * Add JWT_SECRET for oauth and INTERNAL_TOKEN in app.ini * update upstream sample app.ini URL * Disable actions for now. * Automatically add ssh permissions to the system user * Remove support for upgrade before 1.6.4. Edit test_upgrade_from accordingly.
2025-09-03 02:28:30 +02:00 · 2023-09-09 11:17:52 +02:00
parent b51febc0f9
commit 60cb5e5ae4
128 changed files with 474 additions and 1648 deletions
--- a/scripts/upgrade
+++ b/scripts/upgrade
@ -3,318 +3,137 @@
 #=================================================
 # GENERIC START
 #=================================================
-
-# Load common variables and helpers
-source ./experimental_helper.sh
-source ./_common.sh
-
 # IMPORT GENERIC HELPERS
+#=================================================
+
+source _common.sh
 source /usr/share/yunohost/helpers

-#=================================================
-# LOAD SETTINGS
-#=================================================
-ynh_script_progression --message="Loading installation settings..."
-
-domain=$(ynh_app_setting_get --app=$app --key=domain)
-path_url=$(ynh_normalize_url_path --path_url $(ynh_app_setting_get --app $app --key path))
-db_password=$(ynh_app_setting_get --app=$app --key=mysqlpwd)
-admin=$(ynh_app_setting_get --app=$app --key=adminusername)
-key=$(ynh_app_setting_get --app=$app --key=secret_key)
-lfs_key=$(ynh_app_setting_get --app=$app --key=lfs_key)
-port=$(ynh_app_setting_get --app=$app --key=web_port)
-upstream_version=$(ynh_app_setting_get --app=$app --key=upstream_version)
+upgrade_type=$(ynh_check_app_version_changed)

 #=================================================
-# STOP SYSTEMD SERVICE
-#=================================================
-ynh_script_progression --message="Stopping a systemd service..." --weight=1
-
-# We stop the service before to set ynh_clean_setup
-ynh_systemd_action --service_name=$app --action="stop"
-
-#=================================================
-# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
-#=================================================
-ynh_script_progression --message="Backing up the app before upgrading (may take a while)..."
-
-if [ "0$(ynh_app_setting_get --app=$app --key=disable_backup_before_upgrade)" -ne 1 ]
-then
-    ynh_backup_before_upgrade
-    ynh_clean_setup () {
-        # Clean installation remainings that are not handled by the remove script.
-        ynh_clean_check_starting
-        ynh_restore_upgradebackup
-    }
-fi
-
-# Exit if an error occurs during the execution of the script
-ynh_abort_if_errors
-
+# STANDARD UPGRADE STEPS
 #=================================================
 # ENSURE DOWNWARD COMPATIBILITY
 #=================================================
 ynh_script_progression --message="Ensuring downward compatibility..." --weight=1

 # If lfs_key doesn't exist, create it
-if [ -z "$lfs_key" ]; then
+if [ -z "${lfs_key:-}" ]; then
   lfs_key=$(ynh_string_random)
-   ynh_app_setting_set --app=$app --key=lfs_key --value=$lfs_key
+   ynh_app_setting_set --app="$app" --key=lfs_key --value="$lfs_key"
 fi

-#=================================================
-# MIGRATION FROM GOGS
-#=================================================
-
-[[ $YNH_APP_ID == "gogs" ]] \
-    && [[ "$(cat "/opt/$app/templates/.VERSION")" != 0.11.79.1211 ]] \
-    && ynh_die --message "It look like that you have an old Gogs install. You need first upgrade Gogs instance (id: $gogs_migrate_id) and after migrate to Gitea."
-ynh_handle_app_migration --migration_id=gogs --migration_list=gogs_migrations
-
-if [[ $migration_process -eq 1 ]]; then
-    # Reload variables
-    dbname=$app
-    db_user=$app
-    final_path="/opt/$app"
-    datadir="/home/""$app"
-    repos_path="$datadir/repositories"
-    data_path="$datadir/data"
-
-    # Replace the user
-    ynh_system_user_delete $old_app
-    test getent passwd "$app" &>/dev/null || \
-        useradd -d "$datadir" --system --user-group "$app" --shell /bin/bash || \
-            ynh_die --message "Unable to create $app system account"
-
-    # Clean old binary
-    ynh_secure_remove --file=$final_path/gogs
-    ynh_secure_remove --file=$final_path/custom/conf/auth.d
-
-    # Restore authentication from SQL database
-    ynh_replace_string --match_string __APP__ --replace_string "$app" --target_file ../conf/login_source.sql
-    ynh_mysql_connect_as "$db_user" "$db_password" "$dbname" < ../conf/login_source.sql
-
-    # Fix hooks
-    if [[ -e $repos_path ]];then
-        ls $repos_path/*/*.git/hooks/pre-receive | while read p; do
-            ynh_secure_remove --file=$p
-        done
-        ls $repos_path/*/*.git/hooks/post-receive | while read p; do
-            ynh_secure_remove --file=$p
-        done
-    fi
-
-    upstream_version="0.0.1"
+# This is not handled by the core because the previous package did not define final_path...
+if [ -d "/opt/$app" ]; then
+    # This is the package version of the manifestv2
+    rsync -a "/opt/$app/" "$install_dir"
+    ynh_secure_remove "/opt/$app"
 fi

 # Move data directory
-if [ -e "/home/""$app" ] && [ ! -e $datadir ]; then
-    mv "/home/""$app" "$datadir"
+if [ -d "/home/$app" ]; then
+    rsync -a "/home/$app/" "$data_dir"
+    ynh_secure_remove "/home/$app"
 fi

-# Ensuring the user has the right home dir
-if [ ~$app != "$datadir" ]; then
-    usermod -d "$datadir" $app
+# Ensure the user has the correct home dir
+if [ ~"$app" != "$data_dir" ]; then
+    usermod --home "$data_dir" "$app"
 fi

+# Ensure secrets are defined
+# Some workaround around `gitea secret generate` not available in old versions
+mv "$install_dir/gitea" "$install_dir/gitea_orig"
+ynh_setup_source --dest_dir="$install_dir" --source_id=main
+chmod +x "$install_dir/gitea"
+_gitea_set_secrets
+ynh_secure_remove "$install_dir/gitea"
+mv "$install_dir/gitea_orig" "$install_dir/gitea"
+
+# Ensure directories are created
+_gitea_mkdirs
+
 #=================================================
-# STANDARD UPGRADE STEPS
+# STOP SYSTEMD SERVICE
 #=================================================
-ynh_script_progression --message="Configuring application..."
+ynh_script_progression --message="Stopping a systemd service..." --weight=1

-# Clean template to fix issue : https://github.com/gogits/gogs/issues/4585
-ynh_secure_remove --file="/opt/$app/templates"
+ynh_systemd_action --service_name="$app" --action="stop"

-# Configure gitea with app.ini file
-config_gitea
+#=================================================
+# REAPPLY SYSTEM CONFIGURATIONS
+#=================================================
+ynh_script_progression --message="Upgrading system configurations related to $app..." --weight=1
+
+ynh_add_nginx_config

-# Configure init script
-ynh_script_progression --message="Updating systemd units..."
 ynh_add_systemd_config

-# Modify Nginx configuration file and copy it to NGINX conf directory
-ynh_script_progression --message="Configuring NGINX..." --weight=1
-config_nginx
+yunohost service add "$app" --log="/var/log/$app/gitea.log"
+
+ynh_use_logrotate --non-append
+
+ynh_add_fail2ban_config --logpath="/var/log/$app/gitea.log" --failregex=".*Failed authentication attempt for .* from <HOST>" --max_retry 5
+
+#=================================================
+# RECONFIGURE THE APP (UPDATE CONF, APPLY MIGRATIONS...)
+#=================================================
+# UPDATE A CONFIG FILE
+#=================================================
+ynh_script_progression --message="Updating configuration files..." --weight=1
+
+# Clean template to fix issue : https://github.com/gogits/gogs/issues/4585
+ynh_secure_remove --file="$install_dir/templates"
+
+# Configure gitea with app.ini file
+_gitea_add_config
+_gitea_permissions_install_dir

 #=================================================
 # DB migration
 #=================================================
 ynh_script_progression --message="Upgrading database and sources..." --weight=6

-# Before the version 1.7 the upstream version was not stored
-# The way to find the version for the install < 1.7 is to parse the binary file to find which version is installed
-if [ -z ${upstream_version:-} ]; then
-    for version in "0.0." "1.0." "1.1." "1.2." "1.3." "1.4." "1.5." "1.6." "1.7."; do
-        if strings $final_path/gitea | grep -P "^${version//./\\.}\d"; then
-            upstream_version="${version}0"
-            break
-        fi
-    done
+if ynh_compare_current_package_version --comparison lt --version "1.6.4~ynh1"; then
+    message="Upgrade from $YNH_APP_CURRENT_VERSION was dropped. You need to run this, then upgrade to the latest version:
+sudo yunohost app upgrade $app -u https://github.com/YunoHost-Apps/gitea_ynh/commit/a9ceb157032ae2290e944c1d0a255451ff2d133d"
+    ynh_print_info "$message"
+    ynh_die --message="$message" --ret_code 1
 fi

-restart_gitea() {
-    # Set permissions
-    set_permission
-    ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/gitea.log" --line_match="Starting new Web server: tcp:127.0.0.1:"
-    # Leave the time to update the database schema
-    sleep 5
-    systemctl stop $app
-}
+ynh_setup_source --dest_dir="$install_dir"
+chmod +x "$install_dir/gitea"
+_gitea_permissions_install_dir
+ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/gitea.log" --line_match="Starting new Web server: tcp:127.0.0.1:"
+# FIXME: Leave the time to update the database schema
+sleep 5
+systemctl stop "$app"

-case $upstream_version in
-"0.0."* )
-    ynh_setup_source $final_path source/${architecture}_1.0
-    set_permission
-    systemctl start $app
-    sleep 20
-    systemctl stop $app
-;&
-"1.0."* )
-    ynh_setup_source $final_path source/${architecture}_1.1
-    restart_gitea
-;&
-"1.1."* )
-    ynh_setup_source $final_path source/${architecture}_1.2
-    restart_gitea
-;&
-"1.2."* )
-    ynh_setup_source $final_path source/${architecture}_1.3
-    restart_gitea
-;&
-"1.3."* )
-    ynh_setup_source $final_path source/${architecture}_1.4
-    restart_gitea
-;&
-"1.4."* )
-    ynh_setup_source $final_path source/${architecture}_1.5
-    restart_gitea
-;&
-"1.5."* )
-    ynh_setup_source $final_path source/${architecture}_1.6
-    restart_gitea
-;&
-"1.6."* )
-    ynh_setup_source $final_path source/${architecture}_1.7
-    restart_gitea
-;&
-"1.7."* )
-    ynh_setup_source $final_path source/${architecture}_1.8
-    restart_gitea
-;&
-"1.8."* )
-    ynh_setup_source $final_path source/${architecture}_1.9
-    restart_gitea
-;&
-"1.9."* )
-    ynh_setup_source $final_path source/${architecture}_1.10
-    restart_gitea
-;&
-"1.10."* )
-    ynh_setup_source $final_path source/${architecture}_1.11
-    restart_gitea
-;&
-"1.11."* )
-    ynh_setup_source $final_path source/${architecture}_1.12
-    restart_gitea
-;&
-"1.12."* )
-    ynh_setup_source $final_path source/${architecture}_1.13
-    restart_gitea
-;&
-"1.13."* )
-    ynh_setup_source $final_path source/${architecture}_1.14
-    restart_gitea
-;&
-"1.14."* )
-    ynh_setup_source $final_path source/${architecture}_1.15
-    restart_gitea
-;&
-"1.15."* )
-    ynh_setup_source $final_path source/${architecture}_1.16
-    restart_gitea
-;&
-"1.16."* )
-    ynh_setup_source $final_path source/${architecture}_1.17
-    restart_gitea
-;&
-"1.17."* )
-    ynh_setup_source $final_path source/${architecture}_1.18
-    restart_gitea
-;&
-"1.18."* )
-    ynh_setup_source $final_path source/${architecture}_1.19
-    restart_gitea
-;&
-"1.19."* )
-    ynh_setup_source $final_path source/${architecture}_1.20
-    restart_gitea
-;&
-esac
-
-# Install gitea source
-ynh_setup_source $final_path source/$architecture
-restart_gitea
-
-# SETUP FAIL2BAN
-ynh_script_progression --message="Configuring Fail2Ban..."
-ynh_add_fail2ban_config --logpath="/var/log/$app/gitea.log" --failregex=".*Failed authentication attempt for .* from <HOST>" --max_retry 5

 #=================================================
-# GENERIC FINALIZATION
+# RECONFIGURE THE APP (UPDATE CONF, APPLY MIGRATIONS...)
 #=================================================
-
-# Set all permissions
-ynh_script_progression --message="Update permission..."
+# UPDATE A CONFIG FILE
+#=================================================
+ynh_script_progression --message="Updating LDAP configuration..." --weight=1
+# Should be done after DB migration I guess
 if ! ynh_permission_exists --permission admin; then
-    ynh_app_setting_delete --app $app --key unprotected_uris
-    ynh_permission_create --permission="admin" --allowed="$admin"
    # Update ldap config
    ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="../conf/login_source.sql"
-    ynh_mysql_connect_as "$db_user" "$db_password" "$dbname" < ../conf/login_source.sql
+    ynh_mysql_connect_as "$db_user" "$db_pwd" "$db_name" < ../conf/login_source.sql
 fi

-# Add gitea to YunoHost's monitored services
-ynh_script_progression --message="Register Gitea service..."
-yunohost service add "$app" --log="/var/log/$app/gitea.log"
-
-# Add ssh permission for gitea user
-adduser $app ssh.app
-
-# Set permissions
-ynh_script_progression --message="Protecting directory"
-set_permission
-
-# Save Version
-ynh_app_setting_set --app=$app --key=upstream_version --value=$(ynh_app_upstream_version)
-
-# Reload services
-ynh_script_progression --message="Starting Gitea services..." --weight=3
-#ynh_systemd_action -l "Starting new Web server: tcp:127.0.0.1:" -p "/var/log/$app/gitea.log" -t 10
-#sleep 1
-ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/gitea.log" --line_match="Starting new Web server: tcp:127.0.0.1:"
-
-# Store the checksum with the 'INTERNAL_TOKEN' value.
-# Should be removed when the issue https://github.com/go-gitea/gitea/issues/3246 is fixed
-ynh_store_file_checksum --file="$final_path/custom/conf/app.ini"

 #=================================================
-# FINISH MIGRATION PROCESS
+# START SYSTEMD SERVICE
 #=================================================
+ynh_script_progression --message="Starting a systemd service..." --weight=1

-if [[ $migration_process -eq 1 ]]; then
-    echo "Gogs has been successfully migrated to Gitea! \
-A last scheduled operation will run in a couple of minutes to finish the \
-migration in YunoHost side. Do not proceed any application operation while \
-you don't see Gogs as installed." >&2
+ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/gitea.log" --line_match="Starting new Web server: tcp:127.0.0.1:"

-    # Execute a post migration script after the end of this upgrade.
-    # Mainly for some cleaning
-    script_post_migration=gogs_post_migration.sh
-    ynh_replace_string --match_string __OLD_APP__ --replace_string "$old_app" --target_file ../conf/$script_post_migration
-    ynh_replace_string --match_string __NEW_APP__ --replace_string "$app" --target_file ../conf/$script_post_migration
-    cp ../conf/$script_post_migration /tmp
-    chmod +x /tmp/$script_post_migration
-    (cd /tmp; echo "/tmp/$script_post_migration > /tmp/$script_post_migration.log 2>&1" | at now + 2 minutes)
-fi
+#=================================================
+# END OF SCRIPT
+#=================================================

 ynh_script_progression --message="Upgrade of $app completed" --last